How Defender for Cloud finds machines affected by Log4j vulnerabilities

This post has been republished via RSS; it originally appeared at: Microsoft Tech Community - Latest Blogs - .

When news breaks of a major security story like the Log4j bug (CVE-2021-44228), vendors and organizations move as fast as they can to understand the issue, determine their exposure, and mitigate the risks.


The Microsoft Security Response Center was quick to release guidance and background on this issue. And we continue to update that page as we and the rest of the infosec community continue to gain a deeper understanding of the impact of this threat.


In situations like this, organizations that are using Microsoft Defender for Cloud can immediately begin investigations - even before there's a CVE number to search for - with our Inventory tools


Using inventory, you have two powerful ways to determine your exposure:



A quick demo of how you'd search for all your resources to see which ones have Log4j installed is shown below.





For extensive guidance, workarounds, background, analysis of the vulnerability, and the latest updates, check the continually maintained post on the Microsoft Security Response Center (MSRC) blog.

REMEMBER: these articles are REPUBLISHED. Your best bet to get a reply is to follow the link at the top of the post to the ORIGINAL post! BUT you're more than welcome to start discussions here:

This site uses Akismet to reduce spam. Learn how your comment data is processed.